26 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53182
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that coun...
wifi: nl80211: reject oversized EMA RNR lists
...
CVE-2026-53182
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that count to size the flexible array allocation. Reject nested...
UBUNTU-CVE-2026-53182
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that count to size the flexible array allocation. Reject nested...
EUVD-2026-39273
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that count to size the flexible array allocation. Reject nested...
EUVD-2024-30760
Malicious code in bioql PyPI...
EUVD-2024-37306
Malicious code in bioql PyPI...
CVE-2024-33015
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report...
CVE-2024-48873
CVE-2024-48873 affects the Linux kernel wifi rt89 driver. The root cause is not validating the return value of ieee80211_probereq_get(), which can be NULL and lead to a NULL pointer dereference when used. The published advisory notes that the function’s return value must be checked before use to ...
CVE-2024-53055 wifi: iwlwifi: mvm: fix 6 GHz scan construction
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of all APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop forever since the loop variable has type u8,...
CVE-2024-38405
Transient DOS while processing the CU information from RNR IE...
CVE-2024-38405 Buffer Over-read in WLAN Host
Transient DOS while processing the CU information from RNR IE...
CVE-2024-38405
CVE-2024-38405 is a Qualcomm WLAN component vulnerability causing a transient denial-of-service when processing the CU information from the RNR IE. The issue is documented with a high impact in Qualcomm’s security context and is indicated in accompanying Android bulletins as part of patch levels ...
CVE-2024-38405 Buffer Over-read in WLAN Host
Transient DOS while processing the CU information from RNR IE...
CVE-2024-33015
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report...
CVE-2024-33015 Buffer Over-read in WLAN Host
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report...
CVE-2024-33015
CVE-2024-33015 describes a transient DoS in the WLAN host stack during parsing of a SCAN RNR Information Element. Root cause: when bytes from the AP cause the size of the last IE parameter to be smaller than the neighboring report, a DoS can occur. Documented references indicate this affects Qual...
CVE-2024-33015 Buffer Over-read in WLAN Host
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report...
Design/Logic Flaw
In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Fix cwnd update ordering After a reconnect, the reply handler is opening the cwnd and thus enabling more RPC Calls to be sent /before/ rpcrdmapostrecvs can post enough Receive WRs to receive their replies. This causes a...
CVE-2021-47001
CVE-2021-47001 (Linux kernel) is a local‑vector vulnerability in the rpcrdma/ xPRTRDMA path where after reconnect the reply handler opens the cwnd before rpcrdma_post_recvs() has posted enough Receive WRs, causing an RNR and immediate loss of the new connection. Root cause: race between cwnd upda...